Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Amazon Senior Penetration Testing Engineer Security 
United States, Washington 
238155695

16.09.2024
DESCRIPTION

On this team you will be reading and manually reviewing source code in Java, Ruby, Python, JavaScript, Rust, C, and other languages to look for security bugs. We don’t expect you to be an expert at those languages, but we do want you to be curious and able to learn new things quickly.Key job responsibilities
Responsibilities:
- Execute manual penetration testing and source code review engagements against a variety of web services and software
- Develop other engineers
- Advise management- Provide actionable long-term risk mitigation guidance
- Provide clear communication on the issue to developers, suggest and help to test the fix
A day in the life
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.Training & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.Work/Life Balance


BASIC QUALIFICATIONS

- A Bachelor's degree in Computer Science, Cybersecurity, or other related fields, from an accredited university. Equivalent professional experience can be used in lieu of a degree.
- Minimum of 5 years of experience in professional penetration testing, source code auditing, bug hunting, or CTF experience.
- Minimum of 5 years of experience in scripting in Python or other equivalent interpreted programming languages
- Minimum of 5 years of professional experience with security engineering practices such as in web application security, network security, authN/authZ protocols, cryptography, automation, and other software security.